Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
1602 vulnerabilities by ImageMagick
CVE-2026-61870 (GCVE-0-2026-61870)
Vulnerability from nvd – Published: 2026-07-11 13:01 – Updated: 2026-07-11 13:01
VLAI
EPSS
VEX
Title
ImageMagick before 7.1.2-26 Memory Leak via VIFF Encoder
Summary
ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by processing specially crafted VIFF images to exhaust available memory and cause denial of service.
Severity
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-26
(semver)
Unaffected: 7.1.2-26 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-51
(semver)
Unaffected: 6.9.13-51 (semver) |
Date Public
2026-06-26 00:00
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-26",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-26",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-51",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-51",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-06-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by processing specially crafted VIFF images to exhaust available memory and cause denial of service."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 2.1,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-11T13:01:09.995Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-m596-67p7-69wh)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-m596-67p7-69wh"
},
{
"name": "VulnCheck Advisory: ImageMagick before 7.1.2-26 Memory Leak via VIFF Encoder",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-before-26-memory-leak-via-viff-encoder"
}
],
"title": "ImageMagick before 7.1.2-26 Memory Leak via VIFF Encoder",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-61870",
"datePublished": "2026-07-11T13:01:09.995Z",
"dateReserved": "2026-07-10T21:54:26.760Z",
"dateUpdated": "2026-07-11T13:01:09.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-61861 (GCVE-0-2026-61861)
Vulnerability from nvd – Published: 2026-07-11 13:01 – Updated: 2026-07-11 13:01
VLAI
EPSS
VEX
Title
ImageMagick before 7.1.2-26 Use-After-Free in FormatMagickCaption
Summary
ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution.
Severity
CWE
- CWE-416 - Use After Free
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-26
(semver)
Unaffected: 7.1.2-26 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-51
(semver)
Unaffected: 6.9.13-51 (semver) |
Date Public
2026-06-26 00:00
Credits
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-26",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-26",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-51",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-51",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "RigelYoung"
}
],
"datePublic": "2026-06-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-11T13:01:09.306Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-qvxh-prvr-85w2)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qvxh-prvr-85w2"
},
{
"name": "VulnCheck Advisory: ImageMagick before 7.1.2-26 Use-After-Free in FormatMagickCaption",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-before-26-use-after-free-in-formatmagickcaption"
}
],
"title": "ImageMagick before 7.1.2-26 Use-After-Free in FormatMagickCaption",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-61861",
"datePublished": "2026-07-11T13:01:09.306Z",
"dateReserved": "2026-07-10T21:53:55.769Z",
"dateUpdated": "2026-07-11T13:01:09.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-61858 (GCVE-0-2026-61858)
Vulnerability from nvd – Published: 2026-07-11 13:01 – Updated: 2026-07-11 13:01
VLAI
EPSS
VEX
Title
ImageMagick before 7.1.2-26 Policy Bypass via APNG encoder
Summary
ImageMagick before 7.1.2-26 contains a policy bypass vulnerability in the APNG encoder and external delegates due to missing validation checks. Attackers can write files to disallowed paths by bypassing configured policy restrictions through the APNG encoding process.
Severity
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-26
(semver)
Unaffected: 7.1.2-26 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-51
(semver)
Unaffected: 6.9.13-51 (semver) |
Date Public
2026-06-26 00:00
Credits
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-26",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-26",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-51",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-51",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "rexpository"
}
],
"datePublic": "2026-06-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-26 contains a policy bypass vulnerability in the APNG encoder and external delegates due to missing validation checks. Attackers can write files to disallowed paths by bypassing configured policy restrictions through the APNG encoding process."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-11T13:01:08.621Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-v3j6-27vc-7pw2)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v3j6-27vc-7pw2"
},
{
"name": "VulnCheck Advisory: ImageMagick before 7.1.2-26 Policy Bypass via APNG encoder",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-before-26-policy-bypass-via-apng-encoder"
}
],
"title": "ImageMagick before 7.1.2-26 Policy Bypass via APNG encoder",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-61858",
"datePublished": "2026-07-11T13:01:08.621Z",
"dateReserved": "2026-07-10T21:53:55.768Z",
"dateUpdated": "2026-07-11T13:01:08.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-61857 (GCVE-0-2026-61857)
Vulnerability from nvd – Published: 2026-07-11 13:01 – Updated: 2026-07-11 13:01
VLAI
EPSS
VEX
Title
ImageMagick before 7.1.2-26 Heap Use-After-Free via XMP
Summary
ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null check when parsing XMP profiles. Attackers can craft malicious image files with specially crafted XMP data to trigger the vulnerability and cause application crashes.
Severity
CWE
- CWE-252 - Unchecked Return Value
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-26
(semver)
Unaffected: 7.1.2-26 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-51
(semver)
Unaffected: 6.9.13-51 (semver) |
Date Public
2026-06-26 00:00
Credits
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-26",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-26",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-51",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-51",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "rexpository"
}
],
"datePublic": "2026-06-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null check when parsing XMP profiles. Attackers can craft malicious image files with specially crafted XMP data to trigger the vulnerability and cause application crashes."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-252",
"description": "Unchecked Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-11T13:01:07.926Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-qh5g-q395-cx4j)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh5g-q395-cx4j"
},
{
"name": "VulnCheck Advisory: ImageMagick before 7.1.2-26 Heap Use-After-Free via XMP",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-before-26-heap-use-after-free-via-xmp"
}
],
"title": "ImageMagick before 7.1.2-26 Heap Use-After-Free via XMP",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-61857",
"datePublished": "2026-07-11T13:01:07.926Z",
"dateReserved": "2026-07-10T21:53:55.768Z",
"dateUpdated": "2026-07-11T13:01:07.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-61465 (GCVE-0-2026-61465)
Vulnerability from nvd – Published: 2026-07-11 13:01 – Updated: 2026-07-11 13:01
VLAI
EPSS
VEX
Title
ImageMagick before 7.1.2-26 Memory Allocation Policy Bypass
Summary
ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can supply a crafted image that causes ImageMagick to allocate more memory than permitted by the configured policy, resulting in a denial of service.
Severity
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-26
(semver)
Unaffected: 7.1.2-26 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-51
(semver)
Unaffected: 6.9.13-51 (semver) |
Date Public
2026-06-26 00:00
Credits
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-26",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-26",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-51",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-51",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "rexpository"
}
],
"datePublic": "2026-06-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can supply a crafted image that causes ImageMagick to allocate more memory than permitted by the configured policy, resulting in a denial of service."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-11T13:01:07.209Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-rvhp-75f6-9jqh)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-rvhp-75f6-9jqh"
},
{
"name": "VulnCheck Advisory: ImageMagick before 7.1.2-26 Memory Allocation Policy Bypass",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-before-26-memory-allocation-policy-bypass"
}
],
"title": "ImageMagick before 7.1.2-26 Memory Allocation Policy Bypass",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-61465",
"datePublished": "2026-07-11T13:01:07.209Z",
"dateReserved": "2026-07-09T14:07:55.625Z",
"dateUpdated": "2026-07-11T13:01:07.209Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56372 (GCVE-0-2026-56372)
Vulnerability from nvd – Published: 2026-07-11 13:00 – Updated: 2026-07-11 13:00
VLAI
EPSS
VEX
Title
ImageMagick - Heap Buffer Overflow Read via Unrecognized Magnify Method
Summary
ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service.
Severity
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-19
(semver)
Unaffected: 7.1.2-19 (semver) |
Date Public
2026-04-13 00:00
Credits
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-19",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-19",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "e1abrador"
}
],
"datePublic": "2026-04-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-11T13:00:58.423Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-8vfj-q2cp-5m5j)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8vfj-q2cp-5m5j"
},
{
"name": "VulnCheck Advisory: ImageMagick - Heap Buffer Overflow Read via Unrecognized Magnify Method",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-heap-buffer-overflow-read-via-unrecognized-magnify-method"
}
],
"title": "ImageMagick - Heap Buffer Overflow Read via Unrecognized Magnify Method",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56372",
"datePublished": "2026-07-11T13:00:58.423Z",
"dateReserved": "2026-06-21T02:05:21.920Z",
"dateUpdated": "2026-07-11T13:00:58.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56373 (GCVE-0-2026-56373)
Vulnerability from nvd – Published: 2026-07-10 13:57 – Updated: 2026-07-10 15:06
VLAI
EPSS
VEX
Title
ImageMagick - Use-After-Free Write in PDB Decoder
Summary
ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause crashes or write a single zero byte to freed memory.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-15
(semver)
Unaffected: 7.1.2-15 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-40
(semver)
Unaffected: 6.9.13-40 (semver) |
Date Public
2026-02-23 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56373",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-10T15:04:44.577179Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T15:06:42.233Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-15",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-15",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-40",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-40",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zerojackyi"
}
],
"datePublic": "2026-02-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause crashes or write a single zero byte to freed memory."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T13:57:58.981Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-3j4x-rwrx-xxj9)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3j4x-rwrx-xxj9"
},
{
"name": "VulnCheck Advisory: ImageMagick - Use-After-Free Write in PDB Decoder",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-use-after-free-write-in-pdb-decoder"
}
],
"title": "ImageMagick - Use-After-Free Write in PDB Decoder",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56373",
"datePublished": "2026-07-10T13:57:58.981Z",
"dateReserved": "2026-06-21T02:05:21.920Z",
"dateUpdated": "2026-07-10T15:06:42.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56366 (GCVE-0-2026-56366)
Vulnerability from nvd – Published: 2026-07-10 13:57 – Updated: 2026-07-10 13:57
VLAI
EPSS
VEX
Title
ImageMagick - Memory Leak in META Reader APP1JPEG Error Path
Summary
ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial of service through resource exhaustion.
Severity
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-18
(semver)
Unaffected: 7.1.2-18 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-43
(semver)
Unaffected: 6.9.13-43 (semver) |
Date Public
2026-03-24 00:00
Credits
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-18",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-18",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-43",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-43",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "unbengable12"
}
],
"datePublic": "2026-03-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial of service through resource exhaustion."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T13:57:58.303Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-9r56-3gjq-hqf7)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9r56-3gjq-hqf7"
},
{
"name": "VulnCheck Advisory: ImageMagick - Memory Leak in META Reader APP1JPEG Error Path",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-meta-reader-app1jpeg-error-path"
}
],
"title": "ImageMagick - Memory Leak in META Reader APP1JPEG Error Path",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56366",
"datePublished": "2026-07-10T13:57:58.303Z",
"dateReserved": "2026-06-21T02:05:21.919Z",
"dateUpdated": "2026-07-10T13:57:58.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56374 (GCVE-0-2026-56374)
Vulnerability from nvd – Published: 2026-07-08 13:49 – Updated: 2026-07-08 15:46
VLAI
EPSS
VEX
Title
ImageMagick - Heap Buffer Overflow in FTXT Encoder via format Parameter
Summary
ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the FTXT encoder due to missing boundary checks when parsing ftxt:format. Remote attackers can trigger an out of bounds read by crafting malicious FTXT image files to cause denial of service or information disclosure.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-19
(semver)
Unaffected: 7.1.2-19 (semver) |
Date Public
2026-04-13 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56374",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T15:46:45.904836Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T15:46:51.394Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-19",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-19",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "unbengable12"
}
],
"datePublic": "2026-04-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the FTXT encoder due to missing boundary checks when parsing ftxt:format. Remote attackers can trigger an out of bounds read by crafting malicious FTXT image files to cause denial of service or information disclosure."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T13:49:04.868Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-w54j-7wpm-crhj)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-w54j-7wpm-crhj"
},
{
"name": "VulnCheck Advisory: ImageMagick - Heap Buffer Overflow in FTXT Encoder via format Parameter",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-heap-buffer-overflow-in-ftxt-encoder-via-format-parameter"
}
],
"title": "ImageMagick - Heap Buffer Overflow in FTXT Encoder via format Parameter",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56374",
"datePublished": "2026-07-08T13:49:04.868Z",
"dateReserved": "2026-06-21T02:05:21.920Z",
"dateUpdated": "2026-07-08T15:46:51.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56362 (GCVE-0-2026-56362)
Vulnerability from nvd – Published: 2026-07-08 13:49 – Updated: 2026-07-08 17:08
VLAI
EPSS
VEX
Title
ImageMagick - Heap-buffer-overflow Read in GetPixelIndex via OpenPixelCache Metadata Desynchronization
Summary
ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex caused by OpenPixelCache updating image channel metadata before pixel cache memory allocation. Attackers can trigger memory and disk allocation failures to cause a heap-buffer-overflow read affecting any writer calling GetPixelIndex.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-15
(semver)
Unaffected: 7.1.2-15 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-40
(semver)
Unaffected: 6.9.13-40 (semver) |
Date Public
2026-02-23 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56362",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T16:41:35.114834Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T17:08:28.947Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-15",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-15",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-40",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-40",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ylwango613"
}
],
"datePublic": "2026-02-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex caused by OpenPixelCache updating image channel metadata before pixel cache memory allocation. Attackers can trigger memory and disk allocation failures to cause a heap-buffer-overflow read affecting any writer calling GetPixelIndex."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 2.1,
"baseSeverity": "LOW",
"privilegesRequired": "HIGH",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T13:49:04.142Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-gq5v-qf8q-fp77)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gq5v-qf8q-fp77"
},
{
"name": "VulnCheck Advisory: ImageMagick - Heap-buffer-overflow Read in GetPixelIndex via OpenPixelCache Metadata Desynchronization",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-heap-buffer-overflow-read-in-getpixelindex-via-openpixelcache-metadata-desynchronization"
}
],
"title": "ImageMagick - Heap-buffer-overflow Read in GetPixelIndex via OpenPixelCache Metadata Desynchronization",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56362",
"datePublished": "2026-07-08T13:49:04.142Z",
"dateReserved": "2026-06-20T21:16:53.711Z",
"dateUpdated": "2026-07-08T17:08:28.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-55628 (GCVE-0-2026-55628)
Vulnerability from nvd – Published: 2026-07-01 18:16 – Updated: 2026-07-01 18:34
VLAI
EPSS
VEX
Title
ImageMagick: Policy Bypass in concatenate operation due to missing checks
Summary
In versions prior to 7.1.2-26he, the `-concatenate` operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security policy. This issue has been fixed in version 7.1.2-26.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
< 7.1.2-26
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-55628",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T18:34:24.518609Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T18:34:34.320Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"status": "affected",
"version": "\u003c 7.1.2-26"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In versions prior to 7.1.2-26he, the `-concatenate` operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security policy. This issue has been fixed in version 7.1.2-26."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73: External Control of File Name or Path",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T18:16:23.076Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-82mp-vp5c-9pf7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-82mp-vp5c-9pf7"
}
],
"source": {
"advisory": "GHSA-82mp-vp5c-9pf7",
"discovery": "UNKNOWN"
},
"title": "ImageMagick: Policy Bypass in concatenate operation due to missing checks"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-55628",
"datePublished": "2026-07-01T18:16:23.076Z",
"dateReserved": "2026-06-16T23:52:12.055Z",
"dateUpdated": "2026-07-01T18:34:34.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-55597 (GCVE-0-2026-55597)
Vulnerability from nvd – Published: 2026-07-01 19:03 – Updated: 2026-07-01 19:21
VLAI
EPSS
VEX
Title
ImageMagick: Heap Buffer Over-Write in JP2 encoder when due to incorrect handling of arguments
Summary
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-26, an incorrect handling of arguments can cause a heap buffer over-write in the JP2 encoder. This issue has been fixed in version7.1.2-26.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
< 7.1.2-26
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-55597",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T19:20:56.190744Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T19:21:38.493Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"status": "affected",
"version": "\u003c 7.1.2-26"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-26, an incorrect handling of arguments can cause a heap buffer over-write in the JP2 encoder. This issue has been fixed in version7.1.2-26."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "CWE-682: Incorrect Calculation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T19:03:29.911Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-c4v7-w88g-m6c4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-c4v7-w88g-m6c4"
}
],
"source": {
"advisory": "GHSA-c4v7-w88g-m6c4",
"discovery": "UNKNOWN"
},
"title": "ImageMagick: Heap Buffer Over-Write in JP2 encoder when due to incorrect handling of arguments"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-55597",
"datePublished": "2026-07-01T19:03:29.911Z",
"dateReserved": "2026-06-16T23:18:03.170Z",
"dateUpdated": "2026-07-01T19:21:38.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-55595 (GCVE-0-2026-55595)
Vulnerability from nvd – Published: 2026-07-01 19:00 – Updated: 2026-07-02 12:46
VLAI
EPSS
VEX
Title
ImageMagick: Infinite Loop in connected-components when providing invalid arguments
Summary
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26.
Severity
4.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
>= 7.0.1-0, < 7.1.2-26
Affected: < 6.9.13-51 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-55595",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-02T12:46:31.787688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-02T12:46:43.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"status": "affected",
"version": "\u003e= 7.0.1-0, \u003c 7.1.2-26"
},
{
"status": "affected",
"version": "\u003c 6.9.13-51"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T19:00:31.074Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qhmf-7fc4-8q3h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qhmf-7fc4-8q3h"
}
],
"source": {
"advisory": "GHSA-qhmf-7fc4-8q3h",
"discovery": "UNKNOWN"
},
"title": "ImageMagick: Infinite Loop in connected-components when providing invalid arguments"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-55595",
"datePublished": "2026-07-01T19:00:31.074Z",
"dateReserved": "2026-06-16T23:18:03.170Z",
"dateUpdated": "2026-07-02T12:46:43.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-55594 (GCVE-0-2026-55594)
Vulnerability from nvd – Published: 2026-07-01 18:58 – Updated: 2026-07-02 14:38
VLAI
EPSS
VEX
Title
ImageMagick: Stack Overflow in MVG decoder due to missing depth check.
Summary
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a missing depth check in the MVG decoder will result in a stack overflow when a crafted image is provided. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
>= 7.0.1-0, < 7.1.2-26
Affected: < 6.9.13-51 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-55594",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-02T14:37:56.304875Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-02T14:38:08.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"status": "affected",
"version": "\u003e= 7.0.1-0, \u003c 7.1.2-26"
},
{
"status": "affected",
"version": "\u003c 6.9.13-51"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a missing depth check in the MVG decoder will result in a stack overflow when a crafted image is provided. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674: Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T18:58:46.046Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mx48-2qq3-23hf",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mx48-2qq3-23hf"
}
],
"source": {
"advisory": "GHSA-mx48-2qq3-23hf",
"discovery": "UNKNOWN"
},
"title": "ImageMagick: Stack Overflow in MVG decoder due to missing depth check."
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-55594",
"datePublished": "2026-07-01T18:58:46.046Z",
"dateReserved": "2026-06-16T23:18:03.170Z",
"dateUpdated": "2026-07-02T14:38:08.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-55577 (GCVE-0-2026-55577)
Vulnerability from nvd – Published: 2026-07-01 18:56 – Updated: 2026-07-01 19:24
VLAI
EPSS
VEX
Title
ImageMagick: Heap Buffer Overflow in ImageMagick MVG decoder
Summary
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
>= 7.0.1-0, < 7.1.2-26
Affected: < 6.9.13-51 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-55577",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T19:24:24.858753Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T19:24:45.452Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"status": "affected",
"version": "\u003e= 7.0.1-0, \u003c 7.1.2-26"
},
{
"status": "affected",
"version": "\u003c 6.9.13-51"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755: Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T18:56:28.768Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wx47-rm3x-jx6p",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wx47-rm3x-jx6p"
}
],
"source": {
"advisory": "GHSA-wx47-rm3x-jx6p",
"discovery": "UNKNOWN"
},
"title": "ImageMagick: Heap Buffer Overflow in ImageMagick MVG decoder"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-55577",
"datePublished": "2026-07-01T18:56:28.768Z",
"dateReserved": "2026-06-16T23:11:20.215Z",
"dateUpdated": "2026-07-01T19:24:45.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-55510 (GCVE-0-2026-55510)
Vulnerability from nvd – Published: 2026-07-01 18:53 – Updated: 2026-07-01 19:21
VLAI
EPSS
VEX
Title
ImageMagick: Use-After-Free in crafted 8BIM when identifying an image
Summary
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when identifying an image with a crafted 8BIM profile with a specific format string a use-after-free will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
>= 7.0.1-0, < 7.1.2-26
Affected: < 6.9.13-51 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-55510",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T19:21:31.578490Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T19:21:37.355Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"status": "affected",
"version": "\u003e= 7.0.1-0, \u003c 7.1.2-26"
},
{
"status": "affected",
"version": "\u003c 6.9.13-51"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when identifying an image with a crafted 8BIM profile with a specific format string a use-after-free will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T18:55:04.567Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-ff5c-8x9r-8qcw",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-ff5c-8x9r-8qcw"
}
],
"source": {
"advisory": "GHSA-ff5c-8x9r-8qcw",
"discovery": "UNKNOWN"
},
"title": "ImageMagick: Use-After-Free in crafted 8BIM when identifying an image"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-55510",
"datePublished": "2026-07-01T18:53:58.567Z",
"dateReserved": "2026-06-16T22:44:22.283Z",
"dateUpdated": "2026-07-01T19:21:37.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-53467 (GCVE-0-2026-53467)
Vulnerability from nvd – Published: 2026-07-01 18:50 – Updated: 2026-07-01 19:27
VLAI
EPSS
VEX
Title
ImageMagick: Information Disclosure in MNG decoder because allocated memory is left unchanged
Summary
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, the MNG decoder contains a possible heap information disclosure vulnerability because part of the pixels are left unchanged. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
< 6.9.13-51
Affected: >= 7.0.1-0, < 7.1.2-26 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-53467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T19:26:55.818775Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T19:27:13.148Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"status": "affected",
"version": "\u003c 6.9.13-51"
},
{
"status": "affected",
"version": "\u003e= 7.0.1-0, \u003c 7.1.2-26"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, the MNG decoder contains a possible heap information disclosure vulnerability because part of the pixels are left unchanged. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "CWE-908: Use of Uninitialized Resource",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T18:50:56.821Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8g53-9m3c-69xg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8g53-9m3c-69xg"
}
],
"source": {
"advisory": "GHSA-8g53-9m3c-69xg",
"discovery": "UNKNOWN"
},
"title": "ImageMagick: Information Disclosure in MNG decoder because allocated memory is left unchanged"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-53467",
"datePublished": "2026-07-01T18:50:56.821Z",
"dateReserved": "2026-06-09T16:31:21.495Z",
"dateUpdated": "2026-07-01T19:27:13.148Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-53466 (GCVE-0-2026-53466)
Vulnerability from nvd – Published: 2026-07-01 18:20 – Updated: 2026-07-01 18:52
VLAI
EPSS
VEX
Title
ImageMagick: Heap Buffer Over-Read in XCF decoder due to integer conversion overflow
Summary
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, an integer overflow in the XCF decoder can result in an out of bounds read when a crafted image is read, potentially resulting in a crash. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
< 6.9.13-51
Affected: >= 7.0.1-0, < 7.1.2-26 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-53466",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T18:50:58.614982Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T18:52:17.717Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"status": "affected",
"version": "\u003c 6.9.13-51"
},
{
"status": "affected",
"version": "\u003e= 7.0.1-0, \u003c 7.1.2-26"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, an integer overflow in the XCF decoder can result in an out of bounds read when a crafted image is read, potentially resulting in a crash. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-681",
"description": "CWE-681: Incorrect Conversion between Numeric Types",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T18:20:44.416Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pjxj-pchx-4c3m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pjxj-pchx-4c3m"
}
],
"source": {
"advisory": "GHSA-pjxj-pchx-4c3m",
"discovery": "UNKNOWN"
},
"title": "ImageMagick: Heap Buffer Over-Read in XCF decoder due to integer conversion overflow"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-53466",
"datePublished": "2026-07-01T18:20:44.416Z",
"dateReserved": "2026-06-09T16:31:21.495Z",
"dateUpdated": "2026-07-01T18:52:17.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-61870 (GCVE-0-2026-61870)
Vulnerability from cvelistv5 – Published: 2026-07-11 13:01 – Updated: 2026-07-11 13:01
VLAI
EPSS
VEX
Title
ImageMagick before 7.1.2-26 Memory Leak via VIFF Encoder
Summary
ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by processing specially crafted VIFF images to exhaust available memory and cause denial of service.
Severity
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-26
(semver)
Unaffected: 7.1.2-26 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-51
(semver)
Unaffected: 6.9.13-51 (semver) |
Date Public
2026-06-26 00:00
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-26",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-26",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-51",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-51",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-06-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by processing specially crafted VIFF images to exhaust available memory and cause denial of service."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 2.1,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-11T13:01:09.995Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-m596-67p7-69wh)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-m596-67p7-69wh"
},
{
"name": "VulnCheck Advisory: ImageMagick before 7.1.2-26 Memory Leak via VIFF Encoder",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-before-26-memory-leak-via-viff-encoder"
}
],
"title": "ImageMagick before 7.1.2-26 Memory Leak via VIFF Encoder",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-61870",
"datePublished": "2026-07-11T13:01:09.995Z",
"dateReserved": "2026-07-10T21:54:26.760Z",
"dateUpdated": "2026-07-11T13:01:09.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-61861 (GCVE-0-2026-61861)
Vulnerability from cvelistv5 – Published: 2026-07-11 13:01 – Updated: 2026-07-11 13:01
VLAI
EPSS
VEX
Title
ImageMagick before 7.1.2-26 Use-After-Free in FormatMagickCaption
Summary
ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution.
Severity
CWE
- CWE-416 - Use After Free
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-26
(semver)
Unaffected: 7.1.2-26 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-51
(semver)
Unaffected: 6.9.13-51 (semver) |
Date Public
2026-06-26 00:00
Credits
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-26",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-26",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-51",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-51",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "RigelYoung"
}
],
"datePublic": "2026-06-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-11T13:01:09.306Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-qvxh-prvr-85w2)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qvxh-prvr-85w2"
},
{
"name": "VulnCheck Advisory: ImageMagick before 7.1.2-26 Use-After-Free in FormatMagickCaption",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-before-26-use-after-free-in-formatmagickcaption"
}
],
"title": "ImageMagick before 7.1.2-26 Use-After-Free in FormatMagickCaption",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-61861",
"datePublished": "2026-07-11T13:01:09.306Z",
"dateReserved": "2026-07-10T21:53:55.769Z",
"dateUpdated": "2026-07-11T13:01:09.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-61858 (GCVE-0-2026-61858)
Vulnerability from cvelistv5 – Published: 2026-07-11 13:01 – Updated: 2026-07-11 13:01
VLAI
EPSS
VEX
Title
ImageMagick before 7.1.2-26 Policy Bypass via APNG encoder
Summary
ImageMagick before 7.1.2-26 contains a policy bypass vulnerability in the APNG encoder and external delegates due to missing validation checks. Attackers can write files to disallowed paths by bypassing configured policy restrictions through the APNG encoding process.
Severity
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-26
(semver)
Unaffected: 7.1.2-26 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-51
(semver)
Unaffected: 6.9.13-51 (semver) |
Date Public
2026-06-26 00:00
Credits
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-26",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-26",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-51",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-51",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "rexpository"
}
],
"datePublic": "2026-06-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-26 contains a policy bypass vulnerability in the APNG encoder and external delegates due to missing validation checks. Attackers can write files to disallowed paths by bypassing configured policy restrictions through the APNG encoding process."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-11T13:01:08.621Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-v3j6-27vc-7pw2)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v3j6-27vc-7pw2"
},
{
"name": "VulnCheck Advisory: ImageMagick before 7.1.2-26 Policy Bypass via APNG encoder",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-before-26-policy-bypass-via-apng-encoder"
}
],
"title": "ImageMagick before 7.1.2-26 Policy Bypass via APNG encoder",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-61858",
"datePublished": "2026-07-11T13:01:08.621Z",
"dateReserved": "2026-07-10T21:53:55.768Z",
"dateUpdated": "2026-07-11T13:01:08.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-61857 (GCVE-0-2026-61857)
Vulnerability from cvelistv5 – Published: 2026-07-11 13:01 – Updated: 2026-07-11 13:01
VLAI
EPSS
VEX
Title
ImageMagick before 7.1.2-26 Heap Use-After-Free via XMP
Summary
ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null check when parsing XMP profiles. Attackers can craft malicious image files with specially crafted XMP data to trigger the vulnerability and cause application crashes.
Severity
CWE
- CWE-252 - Unchecked Return Value
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-26
(semver)
Unaffected: 7.1.2-26 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-51
(semver)
Unaffected: 6.9.13-51 (semver) |
Date Public
2026-06-26 00:00
Credits
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-26",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-26",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-51",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-51",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "rexpository"
}
],
"datePublic": "2026-06-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null check when parsing XMP profiles. Attackers can craft malicious image files with specially crafted XMP data to trigger the vulnerability and cause application crashes."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-252",
"description": "Unchecked Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-11T13:01:07.926Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-qh5g-q395-cx4j)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh5g-q395-cx4j"
},
{
"name": "VulnCheck Advisory: ImageMagick before 7.1.2-26 Heap Use-After-Free via XMP",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-before-26-heap-use-after-free-via-xmp"
}
],
"title": "ImageMagick before 7.1.2-26 Heap Use-After-Free via XMP",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-61857",
"datePublished": "2026-07-11T13:01:07.926Z",
"dateReserved": "2026-07-10T21:53:55.768Z",
"dateUpdated": "2026-07-11T13:01:07.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-61465 (GCVE-0-2026-61465)
Vulnerability from cvelistv5 – Published: 2026-07-11 13:01 – Updated: 2026-07-11 13:01
VLAI
EPSS
VEX
Title
ImageMagick before 7.1.2-26 Memory Allocation Policy Bypass
Summary
ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can supply a crafted image that causes ImageMagick to allocate more memory than permitted by the configured policy, resulting in a denial of service.
Severity
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-26
(semver)
Unaffected: 7.1.2-26 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-51
(semver)
Unaffected: 6.9.13-51 (semver) |
Date Public
2026-06-26 00:00
Credits
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-26",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-26",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-51",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-51",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "rexpository"
}
],
"datePublic": "2026-06-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can supply a crafted image that causes ImageMagick to allocate more memory than permitted by the configured policy, resulting in a denial of service."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-11T13:01:07.209Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-rvhp-75f6-9jqh)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-rvhp-75f6-9jqh"
},
{
"name": "VulnCheck Advisory: ImageMagick before 7.1.2-26 Memory Allocation Policy Bypass",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-before-26-memory-allocation-policy-bypass"
}
],
"title": "ImageMagick before 7.1.2-26 Memory Allocation Policy Bypass",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-61465",
"datePublished": "2026-07-11T13:01:07.209Z",
"dateReserved": "2026-07-09T14:07:55.625Z",
"dateUpdated": "2026-07-11T13:01:07.209Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56372 (GCVE-0-2026-56372)
Vulnerability from cvelistv5 – Published: 2026-07-11 13:00 – Updated: 2026-07-11 13:00
VLAI
EPSS
VEX
Title
ImageMagick - Heap Buffer Overflow Read via Unrecognized Magnify Method
Summary
ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service.
Severity
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-19
(semver)
Unaffected: 7.1.2-19 (semver) |
Date Public
2026-04-13 00:00
Credits
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-19",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-19",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "e1abrador"
}
],
"datePublic": "2026-04-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-11T13:00:58.423Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-8vfj-q2cp-5m5j)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8vfj-q2cp-5m5j"
},
{
"name": "VulnCheck Advisory: ImageMagick - Heap Buffer Overflow Read via Unrecognized Magnify Method",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-heap-buffer-overflow-read-via-unrecognized-magnify-method"
}
],
"title": "ImageMagick - Heap Buffer Overflow Read via Unrecognized Magnify Method",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56372",
"datePublished": "2026-07-11T13:00:58.423Z",
"dateReserved": "2026-06-21T02:05:21.920Z",
"dateUpdated": "2026-07-11T13:00:58.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56373 (GCVE-0-2026-56373)
Vulnerability from cvelistv5 – Published: 2026-07-10 13:57 – Updated: 2026-07-10 15:06
VLAI
EPSS
VEX
Title
ImageMagick - Use-After-Free Write in PDB Decoder
Summary
ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause crashes or write a single zero byte to freed memory.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-15
(semver)
Unaffected: 7.1.2-15 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-40
(semver)
Unaffected: 6.9.13-40 (semver) |
Date Public
2026-02-23 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56373",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-10T15:04:44.577179Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T15:06:42.233Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-15",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-15",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-40",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-40",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zerojackyi"
}
],
"datePublic": "2026-02-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause crashes or write a single zero byte to freed memory."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T13:57:58.981Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-3j4x-rwrx-xxj9)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3j4x-rwrx-xxj9"
},
{
"name": "VulnCheck Advisory: ImageMagick - Use-After-Free Write in PDB Decoder",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-use-after-free-write-in-pdb-decoder"
}
],
"title": "ImageMagick - Use-After-Free Write in PDB Decoder",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56373",
"datePublished": "2026-07-10T13:57:58.981Z",
"dateReserved": "2026-06-21T02:05:21.920Z",
"dateUpdated": "2026-07-10T15:06:42.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56366 (GCVE-0-2026-56366)
Vulnerability from cvelistv5 – Published: 2026-07-10 13:57 – Updated: 2026-07-10 13:57
VLAI
EPSS
VEX
Title
ImageMagick - Memory Leak in META Reader APP1JPEG Error Path
Summary
ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial of service through resource exhaustion.
Severity
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-18
(semver)
Unaffected: 7.1.2-18 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-43
(semver)
Unaffected: 6.9.13-43 (semver) |
Date Public
2026-03-24 00:00
Credits
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-18",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-18",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-43",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-43",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "unbengable12"
}
],
"datePublic": "2026-03-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial of service through resource exhaustion."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T13:57:58.303Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-9r56-3gjq-hqf7)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9r56-3gjq-hqf7"
},
{
"name": "VulnCheck Advisory: ImageMagick - Memory Leak in META Reader APP1JPEG Error Path",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-meta-reader-app1jpeg-error-path"
}
],
"title": "ImageMagick - Memory Leak in META Reader APP1JPEG Error Path",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56366",
"datePublished": "2026-07-10T13:57:58.303Z",
"dateReserved": "2026-06-21T02:05:21.919Z",
"dateUpdated": "2026-07-10T13:57:58.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56374 (GCVE-0-2026-56374)
Vulnerability from cvelistv5 – Published: 2026-07-08 13:49 – Updated: 2026-07-08 15:46
VLAI
EPSS
VEX
Title
ImageMagick - Heap Buffer Overflow in FTXT Encoder via format Parameter
Summary
ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the FTXT encoder due to missing boundary checks when parsing ftxt:format. Remote attackers can trigger an out of bounds read by crafting malicious FTXT image files to cause denial of service or information disclosure.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-19
(semver)
Unaffected: 7.1.2-19 (semver) |
Date Public
2026-04-13 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56374",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T15:46:45.904836Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T15:46:51.394Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-19",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-19",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "unbengable12"
}
],
"datePublic": "2026-04-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the FTXT encoder due to missing boundary checks when parsing ftxt:format. Remote attackers can trigger an out of bounds read by crafting malicious FTXT image files to cause denial of service or information disclosure."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T13:49:04.868Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-w54j-7wpm-crhj)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-w54j-7wpm-crhj"
},
{
"name": "VulnCheck Advisory: ImageMagick - Heap Buffer Overflow in FTXT Encoder via format Parameter",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-heap-buffer-overflow-in-ftxt-encoder-via-format-parameter"
}
],
"title": "ImageMagick - Heap Buffer Overflow in FTXT Encoder via format Parameter",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56374",
"datePublished": "2026-07-08T13:49:04.868Z",
"dateReserved": "2026-06-21T02:05:21.920Z",
"dateUpdated": "2026-07-08T15:46:51.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56362 (GCVE-0-2026-56362)
Vulnerability from cvelistv5 – Published: 2026-07-08 13:49 – Updated: 2026-07-08 17:08
VLAI
EPSS
VEX
Title
ImageMagick - Heap-buffer-overflow Read in GetPixelIndex via OpenPixelCache Metadata Desynchronization
Summary
ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex caused by OpenPixelCache updating image channel metadata before pixel cache memory allocation. Attackers can trigger memory and disk allocation failures to cause a heap-buffer-overflow read affecting any writer calling GetPixelIndex.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-15
(semver)
Unaffected: 7.1.2-15 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-40
(semver)
Unaffected: 6.9.13-40 (semver) |
Date Public
2026-02-23 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56362",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T16:41:35.114834Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T17:08:28.947Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-15",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-15",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-40",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-40",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ylwango613"
}
],
"datePublic": "2026-02-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex caused by OpenPixelCache updating image channel metadata before pixel cache memory allocation. Attackers can trigger memory and disk allocation failures to cause a heap-buffer-overflow read affecting any writer calling GetPixelIndex."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 2.1,
"baseSeverity": "LOW",
"privilegesRequired": "HIGH",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T13:49:04.142Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-gq5v-qf8q-fp77)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gq5v-qf8q-fp77"
},
{
"name": "VulnCheck Advisory: ImageMagick - Heap-buffer-overflow Read in GetPixelIndex via OpenPixelCache Metadata Desynchronization",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-heap-buffer-overflow-read-in-getpixelindex-via-openpixelcache-metadata-desynchronization"
}
],
"title": "ImageMagick - Heap-buffer-overflow Read in GetPixelIndex via OpenPixelCache Metadata Desynchronization",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56362",
"datePublished": "2026-07-08T13:49:04.142Z",
"dateReserved": "2026-06-20T21:16:53.711Z",
"dateUpdated": "2026-07-08T17:08:28.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-55597 (GCVE-0-2026-55597)
Vulnerability from cvelistv5 – Published: 2026-07-01 19:03 – Updated: 2026-07-01 19:21
VLAI
EPSS
VEX
Title
ImageMagick: Heap Buffer Over-Write in JP2 encoder when due to incorrect handling of arguments
Summary
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-26, an incorrect handling of arguments can cause a heap buffer over-write in the JP2 encoder. This issue has been fixed in version7.1.2-26.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
< 7.1.2-26
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-55597",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T19:20:56.190744Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T19:21:38.493Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"status": "affected",
"version": "\u003c 7.1.2-26"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-26, an incorrect handling of arguments can cause a heap buffer over-write in the JP2 encoder. This issue has been fixed in version7.1.2-26."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "CWE-682: Incorrect Calculation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T19:03:29.911Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-c4v7-w88g-m6c4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-c4v7-w88g-m6c4"
}
],
"source": {
"advisory": "GHSA-c4v7-w88g-m6c4",
"discovery": "UNKNOWN"
},
"title": "ImageMagick: Heap Buffer Over-Write in JP2 encoder when due to incorrect handling of arguments"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-55597",
"datePublished": "2026-07-01T19:03:29.911Z",
"dateReserved": "2026-06-16T23:18:03.170Z",
"dateUpdated": "2026-07-01T19:21:38.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-55595 (GCVE-0-2026-55595)
Vulnerability from cvelistv5 – Published: 2026-07-01 19:00 – Updated: 2026-07-02 12:46
VLAI
EPSS
VEX
Title
ImageMagick: Infinite Loop in connected-components when providing invalid arguments
Summary
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26.
Severity
4.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
>= 7.0.1-0, < 7.1.2-26
Affected: < 6.9.13-51 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-55595",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-02T12:46:31.787688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-02T12:46:43.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"status": "affected",
"version": "\u003e= 7.0.1-0, \u003c 7.1.2-26"
},
{
"status": "affected",
"version": "\u003c 6.9.13-51"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T19:00:31.074Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qhmf-7fc4-8q3h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qhmf-7fc4-8q3h"
}
],
"source": {
"advisory": "GHSA-qhmf-7fc4-8q3h",
"discovery": "UNKNOWN"
},
"title": "ImageMagick: Infinite Loop in connected-components when providing invalid arguments"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-55595",
"datePublished": "2026-07-01T19:00:31.074Z",
"dateReserved": "2026-06-16T23:18:03.170Z",
"dateUpdated": "2026-07-02T12:46:43.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}